======6.1.5 Ensure permissions on /etc/shadow are configured (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''/etc/gshadow'' file is used to store the information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

=====Rationale=====
If attackers can gain read access to the ''/etc/gshadow'' file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the ''/etc/gshadow'' file (such as group administrators) could also be useful to subvert the group.

=====Audit===== 
Run the following command and verify ''Uid'' is ''0/root'', ''Gid'' is ''0/root'', and ''Access'' is ''000'':
<Code:bash>
# stat /etc/gshadow 
Access: (0000/----------) Uid: ( 0/ root) Gid: ( 0/ root)
</Code>
=====Remediation===== 
Run the following command to set permissions on ''/etc/gshadow'':
<Code:bash>
# chown root:root /etc/gshadow 
# chmod 000 /etc/gshadow
</Code>